13 matches found
EUVD-2014-7035
Malware in sbrugna...
CVE-2021-24430
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...
CVE-2021-25023
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbpconverttablename parameter before using it in a SQL statement to convert the related table, leading to an SQL injection...
Sql injection
The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbpconverttablename parameter before using it in a SQL statement to convert the related table, leading to an SQL injection...
Design/Logic Flaw
The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its cachingexcludeurls and cachingincludequerystrings settings before outputting them in a PHP file, which could lead to RCE...
Advanced SystemCare Ultimate Elevation of Privilege Vulnerability (CNVD-2021-57451)
Advanced SystemCare Ultimate is a Windows optimization suite from Iobit that analyzes system performance bottlenecks. advanced SystemCare Ultimate version 14.2.0.220 contains an elevation of privilege vulnerability. An attacker can exploit the vulnerability by sending a malicious I/O request pack...
Advanced SystemCare Ultimate Elevation of Privilege Vulnerability (CNVD-2021-57452)
Advanced SystemCare Ultimate, a Windows optimization suite from Iobit that analyzes system performance bottlenecks, is vulnerable to an elevation of privilege vulnerability in Advanced SystemCare Ultimate version 14.2.0.220. A local attacker can exploit this vulnerability by sending a malicious I...
Advanced SystemCare Ultimate Elevation of Privilege Vulnerability
Advanced SystemCare Ultimate, a Windows optimization suite from Iobit that analyzes system performance bottlenecks, is vulnerable to an elevation of privilege vulnerability in Advanced SystemCare Ultimate version 14.2.0.220. A local attacker can exploit this vulnerability by sending a malicious I...
CVE-2017-6417
CVE-2017-6417 is a local code-injection vulnerability in Avira products (Total Security Suite 15.0 and earlier, Optimization Suite 15.0 and earlier, Internet Security Suite 15.0 and earlier, Free Security Suite 15.0 and earlier) enabling a local attacker to bypass the vendors’ self-protection and...
CVE-2014-7158
Cross-site request forgery CSRF vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch...
CVE-2014-7157
The CVE-2014-7157 entry concerns Exinda WAN Optimization Suite 7.0.0 (2160) with a Cross-site scripting (XSS) vulnerability exposed via the tabsel parameter to /admin/launch. The affected component is the web interface; the root cause is lack of input validation for the tabsel parameter, enabling...
CVE-2014-7158
The CVE-2014-7158 entry concerns Exinda WAN Optimization Suite 7.0.0 (2160) and is a Cross-site request forgery (CSRF) vulnerability that could allow remote attackers to hijack an administrator’s session to perform actions such as changing the admin password via a request to /admin/launch. Public...